Bloggers From Pemalang City, Indonesia
Join 4Shared Now! Get 4Shared Premium!

Jumat, 30 April 2010

What are the computer viruses and its characteristics?

Viruses -
Threat Level - Intermediate to Severe
What is a computer virus? A computer virus is a piece of malicious code that adds itself to other existing programs, including operating systems. Computer viruses spread quickly and wreck havoc on computer systems. Including potential destruction of operating systems and data.

There are different types of viruses and they range from being a nuisance that constantly displays pop-ups to being a real severe danger that deletes system files, attaches to registries, destroys ability to log into the Internet and even destroying the computer's operating system along with all the data that is on it. Unless you have completely backed-up the data on your laptop, recovering that data will be impossible if you have to re-install the operating system after a virus infection.

While there are hundreds of different types of viruses with various levels of dangers, one of the most dangerous is the Trojan Horse, all though threat severity levels vary with the different types of Trojans, basically they are all dangerous and should always be protected against. Unfortunately some Trojans infect computers and cause such damage that it becomes irreversible and a reinstall of the entire operating system becomes necessary.

Many viruses slow down computer performance tremendously and especially Internet Browsers, there are other causes however for slow computers so do not assume that it is a virus. The best way to detect if you have a virus is by installing and running anti-virus software.

The best protection against computer viruses is prevention, early detection and removal. A good anti-virus or Malware removal program can protect computers and provide peace of mind when surfing the net.
You can read a guide to anti-virus protection software including all details and reviews of free and paid Anti-Virus programs and my top picks by clicking on Related Links Below.

LIST OF COMPUTER VIRUSES

Abraxas ( COMPUTER VIRUSES )

Abraxas
, also known as Abraxas5, discovered in April 1993, is an encrypted, overwriting, file infecting computer virus which infects .COM and .EXE files, although it does not infect command.com. It does not become memory resident. Each time an infected file is executed, Abraxas infects the copy of dosshell.com

located in the C:\DOS directory (creating the file if it doesn't exist), as well as one EXE file in the current directory. Due to a bug in the virus, only the first EXE file in any directory is infected.

Abraxas-infected files will become 1,171 bytes in length contain Abraxas' viral code. The file's date and time in the DOS disk directory listing will be set to the system date and time when infection occurred. The following text strings can be found within the viral code in all Abraxas infected programs:

"*.exe c:\dos\dosshell.com .. MS-DOS (c)1992"

"->>ABRAXAS-5<<--"

"...For he is not of this day"

"...Nor he of this mind"

Execution of infected programs will also result in the display of a graphic "ABRAXAS" on the system display, accompanied by an ascending scale being played on the system speaker.

Abraxas was created with the PS-MPC virus creation tool, which can be used to create similar, easily detected viruses, which are usually encrypted as well.

Acid ( computer virus )

Acid is a computer virus which infects .COM and .EXE files including command.com. Each time an infected file is executed, Acid infects all of the .EXE files in the current directory. Later, if an infected file is executed, it infects the .COM files in the current directory. Programs infected with Acid will have had the first 792 bytes of the host program overwritten with Acid's own code. There will be no file length increase unless the original host program was smaller than 792 bytes, in which case it will become 792 bytes in length. The program's date and time in the DOS disk directory listing will not be altered.

The following text strings are found in infected files:

  • "*.EXE *.COM .."
  • "Program too big to fit in memory"
  • "Acid Virus"
  • "Legalize ACiD and Pot"
  • "By: Copyfright Corp-$MZU"
Acme ( computer virus )

Acme is a computer virus which infects EXE files. Each time an infected file is executed, Acme may infect an EXE in the current directory by creating a hidden 247 byte long read-only COM file with the same base name. (In DOS, if the file extension is not specified, and two files with the same base name exist, one with .COM and one with .EXE, the .COM file will always be executed first.) Acme is a variant of Clonewar, a spawning virus. Acme is also perhaps a descendant of the small single-step infector Zeno, which is not to be confused with the Zeno programming language.

AGI-Plan ( computer virus )

AGI-Plan was a memory resident DOS file infector first isolated at the Agiplan software company in Germany. Because of CARO standards that dictate that viruses should not be named after companies, AGI-Plan's technical name is Month 4-6. This name also violates CARO standards, but a more minor rule involving syntax. AGI-Plan is related to the Zero Bug virus, as both it and AGI-Plan prepend 1,536 bytes to files they infect.

AGI-Plan is not initially damaging until several months after the initial infection, hence its name. After activation, AGI-Plan will begin to corrupt write operations, which results in slow, difficult-to-notice damage overtime.

AGI-Plan is notable for reappearing in South Africa in what appeared to be an intentional re-release several years after. AGI-Plan never succeeded in spreading significantly beyond the isolated incidents in Germany and South Africa.

Actifed ( computer virus )

Actifed is a G2-generated encrypted computer virus which infects .COM and .EXE files but not command.com. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program files.

It is interesting that G2 is a computer virus creation tool written by Dark Angel of the Phalcon/Skism organisation. This organization also wrote the "Phalcon-Skism Mass Produced Code Generator" [PS-MPC] which was used in the creation of Abraxas and numerous other viruses.

G2 generates compact, easily modified, fully commented, source code of .COM and .EXE infectors. It also supports the creation of resident and non-resident encrypted and non-encrypted viruses. The PS-MPC has similar use.

******
OPRAH WINFREY VIRUS: Your 200MB hard drive suddenly shrinks to 80MB, and then slowly expands back to 200MB.

AT&T VIRUS: Every three minutes it tells you what great service you are getting.

MCI VIRUS: Every three minutes it reminds you that you're paying too much for the AT&T virus.

PAUL REVERE VIRUS: This revolutionary virus does not horse around. It warns you of impending hard disk attack---once if by LAN, twice if by C:>.

POLITICALLY CORRECT VIRUS: Never calls itself a "virus", but instead refers to itself as an "electronic microorganism."

RIGHT TO LIFE VIRUS: Won't allow you to delete a file, regardless of how old it is. If you attempt to erase a file, it requires you to first see a counselor about possible alternatives.

ROSS PEROT VIRUS: Activates every component in your system, just before the whole darn thing quits.

MARIO CUOMO VIRUS: It would be a great virus, but it refuses to run.

TED TURNER VIRUS: Colorizes your monochrome monitor.

ARNOLD SCHWARZENEGGER VIRUS: Terminates and stays resident. It'll be back.

DAN QUAYLE VIRUS #2: Their is sumthing rong wit your komputer, ewe jsut cant figyour out watt!

GOVERNMENT ECONOMIST VIRUS: Nothing works, but all your diagnostic software says everything is fine.

NEW WORLD ORDER VIRUS: Probably harmless, but it makes a lot of people really mad just thinking about it.

FEDERAL BUREAUCRAT VIRUS: Divides your hard disk into hundreds of little units, each of which does practically nothing, but all of which claim to be the most important part of your computer.

GALLUP VIRUS: Sixty percent of the PCs infected will lose 38 percent of their data 14 percent of the time. (plus or minus a 3.5 percent margin of error.)

TERRY RANDALL VIRUS: Prints "Oh no you don't" whenever you choose "Abort" from the "Abort" "Retry" "Fail" message.

TEXAS VIRUS: Makes sure that it's bigger than any other file.

ADAM AND EVE VIRUS: Takes a couple of bytes out of your Apple.

CONGRESSIONAL VIRUS: The computer locks up, screen splits erratically with a message appearing on each half blaming the other side for the problem.

AIRLINE VIRUS: You're in Dallas, but your data is in Singapore.

FREUDIAN VIRUS: Your computer becomes obsessed with marrying its own motherboard.

PBS VIRUS: Your programs stop every few minutes to ask for money.

ELVIS VIRUS: Your computer gets fat, slow and lazy, then self destructs; only to resurface at shopping malls and service stations across rural America.

OLLIE NORTH VIRUS: Causes your printer to become a paper shredder.

NIKE VIRUS: Just does it.

SEARS VIRUS: Your data won't appear unless you buy new cables, power supply and a set of shocks.

JIMMY HOFFA VIRUS: Your programs can never be found again.

CONGRESSIONAL VIRUS #2: Runs every program on the hard drive simultaneously, but doesn't allow the user to accomplish anything.

KEVORKIAN VIRUS: Helps your computer shut down as an act of mercy.

IMELDA MARCOS VIRUS: Sings you a song (slightly off key) on boot up, then subtracts money from your Quicken account and spends it all on expensive shoes it purchases through Prodigy.

STAR TREK VIRUS: Invades your system in places where no virus has gone before.

HEALTH CARE VIRUS: Tests your system for a day, finds nothing wrong, and sends you a bill for $4,500.

GEORGE BUSH VIRUS: It starts by boldly stating, "Read my docs....No new files!" on the screen. It proceeds to fill up all the free space on your hard drive with new files, then blames it on the Congressional Virus.

CLEVELAND INDIANS VIRUS: Makes your 486/50 machine perform like a 286/AT.

LAPD VIRUS: It claims it feels threatened by the other files on your PC and erases them in "self defense".

CHICAGO CUBS VIRUS: Your PC makes frequent mistakes and comes in last in the reviews, but you still love it.

ORAL ROBERTS VIRUS: Claims that if you don't send it a million dollars, it's programmer will take it back. >>

Continue reading...

Computer Viruses

Computer viruses are pieces of computer code, designed to implant itself in programs or files with the idea of destroying, or changing the data transmitted. Viruses can be spread through interchange of files and programs, loaded onto a computer and executed. They slow down computers, crash a system, or simply reroute data to other units. Virus numbers have risen since the 90s, and the U.S government has passed laws making virus introduction into computers of unknowing victims, a serious crime. Software companies have also sought to stem the tide by creating programs specifically for tracking down viruses and stopping them. Below are articles which provide information on latest computer viruses, virus statistics, computer virus protection and removal.
Continue reading...

Selasa, 27 April 2010

Smadav 2010 Rev 8.1 – The New SmadEngine



Addition of a new virus database 100

Viruses (or more precisely Malware), which many in Indonesia today is spread mostly foreign-made viruses that are similar to viruses in nature is still local. These viruses become targets SmadAV this latest version. Local virus itself is starting to decrease and their distribution is very rarely found. This we deduce from the virus samples are uploaded by Smadaver in www.smadav.net.

SmadAV Virus Scanner Engine (SmadEngine.dll)

Old engine that has been used SmadAV since 2006 is not used anymore since in 2010 SmadAV Rev. This 1.8. Re-Virus Scanner Engine overhaul that makes more than one month delayed release SmadAV. This latest engine completely rewritten from scratch using C + + programming languages, refining the previous engine was written in Visual Basic. Most of the existing virus detection techniques in this new engine has been revamped and improved for the better. Memory usage on the new engine is more stable and efficient than the old engines, as well as the scanning speed is also faster.

Compatible with Windows Vista & 7

In Rev. 8-rev and previous rev SmadAV was still not 100% compatible with Windows Vista and Windows 7. But the Rev. 1.8 is a good scanner and protector SmadAV its been supportive and 100% compatible for use in Windows Vista and Windows 7.

Here is the complete list of enhancements in 2010 Rev. SmadAV. 8.1:

* Engine new scanner (SmadEngine.dll) to detect the virus more quickly and accurately.
* External Database (Smadav.loov) to facilitate database update for the next revision.
* Plug-in explorer right click on the latest (SmadExtc.dll) better.
* Compatible with Windows Vista & 7.
* Detection of some of the many International Virus spreads in Indonesia (Sality & Alman) is faster and more accurate.
* Addition of a database of more than 100 new viruses and their variants-the variants
* Improved false alarm on some files.
* Completion of key blacklist illegal methods SmadAV Pro
* Changes in team structure for 2010 SmadAV
* Additions to uninstall menu in the Tray Icon for easy uninstall process
* And many other improvements ...

What are the advantages SmadAV Pro compared SmadAV Free?

SmadAV Pro has many additional features that do not exist in SmadAV Free, the following are additional features you get on SmadAV Pro: Automatic Update Online, 10x Faster Scanning, Exception List, Maximize / Resize, Color Changing Themes, Indonesian language / UK, Admin Password, and License Usage Profit. You must be a donator to get SmadAV Pro.
>">[Click here] To see an explanation how to get SmadAV Pro>>


Why Use SmadAV 2010?

SmadAV created with the aim to clean and protect your computer from viruses spread locally which many in Indonesia .. If you are surfing the Internet often or often install new programs, you are still strongly recommended to merge with Antivirus SmadAV Import (for example, that free is Avira, AVG, or Avast, and the pay is Kasperksy, Norton, or NOD32). SmadAV can cooperate with almost all antivirus imports so that your computer is completely protected from virus infection, both local and foreign (global). Currently SmadAV 2010 has identified most of the local virus widespread in Indonesia. These are the reasons why using SmadAV:
  • Technology SMART, SMART-Protection
  • Technology Smad-Behavior
  • Smad-Lock Technology
  • Scanner smart (Intelligence)
  • Cleaner Infected Document
  • Cleaning & repair (1500 value) Registry
  • Latest update at each revision
  • Weapons Manual is very easy to use
  • Free
  • Portable and OS support Windows 2000/XP/Vista/7
Continue reading...

Sabtu, 24 April 2010

AVG Anti-Virus Free Edition 9.0


AVG Anti-Virus Free

Company profile

Who we are

Founded in 1991, with corporate offices in Europe, the US and the UK, AVG is focused on providing home and business computer users with the most comprehensive and proactive protection against computer security threats.

With more than 110 million active users around the world, the AVG family of security software products is distributed globally through resellers and through the Web and supports all major operating systems and platforms.

Employing some of the world’s leading experts in software development, threat detection and prevention, and risk analysis, AVG is uniquely positioned to spearhead innovation in the industry. The company continues to invest in R&D, teaming with leading universities to maintain its technological edge.

AVG has experienced significant growth in the last few years, becoming the world’s fourth largest vendor of antivirus software measured by installed user base. The company will continue to expand and address the needs of the global market through improved technology and broader language and platform support.


AVG Anti-Virus Free Edition

What does it mean to be "tough on threats, easy on you"?

Computer and internet use is an integral part of our everyday lives. Every aspect of our lives is accessible electronically, which brings considerable benefit – and, unfortunately, considerable risk. Our role is to shield you from that risk by providing powerful, easy-to-use protection that works efficiently and invisibly in the background so you can focus on using your computer, not worrying about security.

As the nature of threats continues to evolve - from computer - and web-borne viruses to complex exploits designed to steal information for financial gain, the nature of protection must also evolve. Using the latest technology developed by world-renowned security experts, AVG provides real-time defenses against real-time threats. With AVG software on your system, you can safely surf the net, create online profiles, shop, bank online, download files, store data, chat, and email, safe in the knowledge that your personal and professional information will not be stolen or misused.

In a nutshell, AVG enables people and businesses to use computers with confidence and without aggravation by protecting them from disruption and loss.


Continue reading...

Jumat, 23 April 2010

Downloads

Kaspersky Lab provides downloadable removal tools, product upgrades, antivirus and antispam databases, extra secure databases and product documentation on our website. You can also try any of our antivirus software products free for 30 days.

Antivirus Software: Free 30-Day Trials

It is always a good idea to try before you buy. You can download free trial software versions of our antivirus software solutions and decide which product fits your requirements. Our trial versions are valid for 30 days.

Kaspersky Antivirus Software Product Downloads

All current product downloads are located in this section: product upgrades, patches and documentation.

Software Documentation

For your convenience, product documentation is also available in a separate section, listed according to product.

Free Virus Removal Tools

Kaspersky Lab reacts proactively to all new threats. Occasionally there are viruses that require special treatment. In such cases we provide malware removal tools for each specific virus.

Downloads for Version 7 and Earlier

In versions 7 and earlier, riskware signatures are optional and can be downloaded here: Extra Databases. Also, in versions 7 and earlier it is possible to manually update the antivirus databases.

Continue reading...

Download Kaspersky Anti-Virus 2010 9.0.0.736 Final

Download

[ Kaspersky Anti-Virus 2010 9.0.0.736 ]

Download

[ Kaspersky Anti-Virus 2009 8.0.0.506 ]


Continue reading...

About Kaspersky Lab

Some companies put on a big show, while others simply create great products. In any area of business only companies that are fully dedicated and remain focused on one thing achieve success. For us this means the battle against computer malware. For 13 years, we have worked on exposing, analyzing and neutralizing IT threats. Along the way, we have amassed a tremendous amount of experience and knowledge about malware and how to deal with it. Today, Kaspersky Lab is firmly positioned as one of the world’s top four leading IT security software vendors for endpoint users.

The company today

Kaspersky Lab is an international group that employs over 1700 highly qualified specialists, has central offices in Moscow, as well as regional headquarters overseeing the activities of local representatives and partners in five global regions: Western Europe; Eastern Europe, the Middle East and Africa; North and South America; the Asia-Pacific region; and Japan. The company currently works in more than 100 countries across the globe. The company’s products and technologies provide protection for over 300 million users worldwide.

The group’s main decision-making body is the Board of Directors, responsible for setting out an overall development strategy and appointing senior management figures. The Board is made up of nine shareholders and top managers representing the central headquarters and global regions.

Unique experience and knowledge

In 2010 Kaspersky Lab celebrates its thirteenth anniversary. Undoubtedly, the company’s most valuable asset is the wealth of experience and knowledge it has gained in those years of combating viruses and other IT threats, enabling us to pre-empt trends in malware development. This helps us to remain one step ahead of the competition and provide our users with the most reliable protection from new types of attack.

Kaspersky Anti-Virus

Due to its high level of professionalism and dedication, Kaspersky Lab has become one of the market leaders in the development of antivirus protection. The company’s main product, Kaspersky Anti-Virus, regularly receives top awards in tests conducted by respected international research centers and IT publications. Kaspersky Lab was the first to develop many technological standards in the antivirus industry, including full-scale solutions for Linux, Unix and NetWare, a new-generation heuristic analyzer designed to detect newly emerging viruses, effective protection against polymorphic and macro viruses, continuously updated antivirus databases and a technique for detecting viruses in archived files. Kaspersky Anti-Virus 2010 is a product intended for advanced users. It includes proven antivirus technologies that provide effective protection to millions of users across the globe.

It is hard to imagine what the antivirus industry would be like today without the numerous technologies devised by Kaspersky Lab. This is reflected in many respected security software developers choosing the Kaspersky Anti-Virus engine to drive their own products, including Safenet (USA), Alt-N (USA), Blue Coat (USA), Check Point (Israel), Clearswift (UK), Communigate Systems (USA), Critical Path (Ireland), D-Link (Taiwan), Finjan (USA), GFI (Malta), IBM (USA), Juniper (USA), LANDesk (USA), Microsoft (USA), Netasq (France), Netgear (USA), Parallels (Russia), Sonicwall (USA), WatchGuard (USA), ZyXEL (Taiwan).

Kaspersky Internet Security 2010 is a new Kaspersky Lab product for home users that provides complete protection of personal computers from all Internet threats. The solution includes HIPS (Host-based Intrusion Prevention System), an advanced application activity control technology which assigns security ratings to new, as yet unknown programs. It is the first antivirus product to include sandbox technology, which uses virtualization to provide a secure isolated execution environment for applications. Kaspersky Internet Security 2010 also offers users the advantages of Kaspersky Security Network, an innovative distributed malware control system.

Kaspersky Mobile Security is a user-friendly and reliable solution that protects mobile devices from network attacks, malware targeting mobile platforms and SMS spam. In the event that the smartphone is lost, the data in its memory also remains protected.

Kaspersky PURE - an integrated solution for home networks protection. Kaspersky PURE represents a new class of products that provide a secure and productive digital environment, whatever you use your computer for.

Kaspersky PURE combines complete protection against all types of web-borne threats with new, advanced features including extended parental control features, data backup and encryption tools, a password management program and the ability to manage your entire home network or fine tune the security settings of your web browser and operating system from any computer on the network.

Kaspersky PURE retains all the features that users of Kaspersky Anti-Virus and Kaspersky Internet Security have come to know and appreciate, including state-of-the-art ‘sandbox’ technologies that allow suspect applications to be run in a secure virtual environment, proactive detection of unknown threats, application control and restrictions on the level of access that suspicious programs have to passwords, logins, personal information and operating system settings.

Kaspersky Open Space Security

Kaspersky Open Space Security Release 2 is the latest product developed by Kaspersky Lab for business users. It includes an updated version of Kaspersky Administration Kit, the proprietary antivirus protection management tool, as well as three applications that protect Windows workstations and servers. Advanced administration and protection tools included in the updated product provide substantially enhanced security, performance and manageability for all nodes on the corporate network.

Kaspersky Administration Kit 8.0 includes more than forty new and improved features which allow organizations with computer networks of any size, from several PCs to distributed networks with a complex administration structure, to implement a flexible model of antivirus protection management. The ease of installation and minimal time required to manage the protection system using Kaspersky Administration Kit 8.0 help minimize Kaspersky Lab antivirus solutions’ total cost of ownership.

Integrated security

When it comes to providing reliable protection against viruses, spam and hacker attacks, Kaspersky Lab has solutions for every customer. The company delivers a comprehensive range of products to protect home PC users and corporate networks from the increasingly complex, multifunctional malware systems that permeate the Internet.

Kaspersky® Anti-Spam is designed to protect both users of company mail systems and Internet providers from unsolicited mass mailing or spam. It employs intelligent spam detection technology, which was developed using Kaspersky Lab’s extensive experience in protecting large-scale mail systems.

In 1999, Kaspersky Lab was the first to introduce integrated antivirus software for workstations, file servers and application servers running on Linux/FreeBSD operating systems. Today, the company offers a whole range of effective IT security solutions for the most popular Linux/FreeBSD systems, protecting both server and client applications.

Kaspersky Lab also offers a new range of IT security outsourcing services for corporations of any size. Kaspersky® Hosted Email Security ensures that email threats – viruses, spam, hacker attacks, and phishing – are neutralized before they even reach a company’s servers. The Kaspersky Hosted Web Security service provides protection from IT threats that penetrate the corporate network via Internet gateways.

Using the entire range of Kaspersky Lab products ensures an unprecedented level of protection from malware and other external threats.

Kaspersky Lab customers have access to a wide range of additional services to ensure the most effective operation of our products. The company releases antivirus database updates on an hourly basis and anti-spam database updates 12 to 24 times per day. We provide round-the-clock technical support in several languages (by telephone and email) and updates of antivirus and anti-spam databases virtually every hour of the day. We also design, deploy and support customized antivirus solutions and information security systems for corporate customers.

Continue reading...

Kaspersky Anti-Virus for Linux Mail Server

Kaspersky Anti-Virus for Linux Mail Server provides effective antivirus protection for corporate mail traffic. The application is integrated as an additional module into the existing mail system and provides real-time scanning of SMTP mail traffic for malicious code.

Kaspersky Anti-Virus for Linux Mail Server scans the server’s file systems on demand, and supports the most widely-used email solutions, namely Postfix, Sendmail, Qmail and Exim.

Functions

Detects and disinfects viruses, spyware and other malware

Antivirus scanning. All elements of email messages are scanned for malicious code. The application scans for and removes all types of viruses, Trojans, spyware, malicious and potentially hostile programs from incoming and outgoing mail messages and attachments in most formats.

Customizable notifications. When a suspicious or infected object is detected, the system administrator, sender and recipient of the message receive a message, the contents and format of which are defined by the system administrator. System messages can be sent in any language.

Quarantine. Infected, suspicious and damaged objects detected in a server’s file system or in email traffic can be moved to the quarantine folder, where they will be disinfected, deleted or stored according to pre-defined settings.

Backup copies. Backup storage can be created to store copies of infected objects before they are treated, making it possible to restore if necessary.

File server scanning. In addition to scanning mail traffic, Kaspersky Anti-Virus for Linux Mail Servers offers on demand scanning of the server’s file systems. The scanning is performed with the help of iChecker, a check-summing technology which significantly reduces the amount of time required for additional scans of each object.

Additional message filtering

By attachment type. The application can be configured to filter mail traffic by attachment name and file type and to apply specified processing rules for each category.

By user group. Administrators can create user groups, assign individual message processing rules to each group and define user privileges for each group.

Flexible management and administration

Remote administration. Kaspersky Anti-Virus for Linux Mail Server can be configured either traditionally, via the application’s configuration file, or using the Web interface.

Configuration of updates. Antivirus databases can be updated from Kaspersky Lab’s servers via the Internet or from local update servers on demand or on schedule. Administrators can choose the type of antivirus databases to be used: standard (detection of true malware only) or extended (databases used to detect potentially hostile software – spyware, adware and more). Kaspersky Lab antivirus databases are updated hourly.

System Requirements

Hardware Requirements for mail servers with daily traffic of 200MB
  • Intel Pentium IV 3GHz or higher
  • At least 1GB RAM
  • At least 200MB available hard disk space for installation
Software Requirements

1. One of the following operating systems

    32-bit operating systems:
  • Red Hat Enterprise Linux Server 5.2;
  • Fedora 9;
  • SUSE Linux Enterprise Server 10 SP2;
  • openSUSE Linux 11.0;
  • Debian GNU/Linux 4.0 (r4);
  • Mandriva Corporate Server 4.0;
  • Ubuntu 8.04.1 Server Edition;
  • FreeBSD 6.3, 7.0.
    64-bit operating systems:
  • Red Hat Enterprise Linux Server 5.2;
  • Fedora 9;
  • SUSE Linux Enterprise Server 10 SP2;
  • openSUSE Linux 11.0.

2. One of the following mail systems:

  • Sendmail 8.12.x or higher;
  • qmail 1.03;
  • Postfix 2.x;
  • Postfix 2.4 (for integration using the milter interface);
  • Exim 4.x. (for "exim" integration post-queue);
  • Exim 4.51+ (for "exim-dlfunc" integration, i.e. via the dynamic download function).

3. Linux/FreeBSD utilities: awk, grep, sed

4. Perl 5.0 or higher.

5. The Webmin program (www.webmin.com; optional) for remote administration of Kaspersky Anti-Virus.

6. NET-SNMP version 5.2.1.2 or higher (optional) for using SNMP.

Continue reading...

Kamis, 22 April 2010

History of Computer Viruses

If observed, the development of viruses from time to time continue to attract, is associated with the development of computer technology / information technology is growing rapidly. historical development of the virus itself is interesting enough to follow.

Unfortunately there is no certainty when it was first discovered computer viruses. There are sources who say that the history of the virus originated in 1949 when John Von Neuman, expressed "self-altering automata theory" which is the result of research by mathematicians. Later in the year 1960 experts in the lab BELL (AT & T) to experiment with the theory expressed by John V Neuman, they toyed with the theory to a type of game / game. The researchers make a program that can reproduce itself and can destroy your opponent artificial program. Programs that can survive and destroy all other programs, it will be considered a winner. This game eventually became a favorite game in each and every computer lab. the longer they are also aware and wary of this game due to start the program that created more and more dangerous, so they conduct surveillance and strict security.

Meanwhile Virus Scan Software Virus was first discovered in the early 1970s in which th two computer programs named Pervading Animal and Christmas Tree-based system to infect Univac 1108 and IBM 360/370. Because nature does not destroy, the two programs as the virus is not yet known.

However, other sources such as wikipedia mentions a computer program called "Elk Cloner" is believed to be the first computer virus created Screnta Rich in 1982 and spread on the Apple operating system Disk Operating System (DOS) version 3.3 via floppy disk media

In 1987 came a new type of virus which started to implement the replication algorithm in the program code. Call it the Leigh, a virus that infects command.com file is successfully transmitted to many DOS operating system. It appears that many who were inspired by The Leigh this, because next year the virus appeared in Jerusalem, which infect only Date 13 per month. Jerusalem is known as the first virus that causes categorized damaged computer. This virus remove programs that are running on the date of transmission.

Due to the development of this virus is considered disturbing the user computer, start looking for ways to prevent these malicious programs from independent developers create programs to eliminate or stop the activity of the virus, which was then known as the antivirus. The first big company that makes antivirus is norton Symantec antivirus products in th 1990.

Uniquely, so antivirus found, the virus development becomes even more-so. In 1992 there were 1300 active viruses infecting computers worldwide, an increase of 420% from the year 1990. if at the beginning of virus development program file into the main target, th 1995 virus comes with a different transmission method. Microsoft production document files (Microsoft Word) became the new target viruses that exploit weaknesses of the existing macro features in Microsoft programs, so the virus is known as macro viruses.

Subsequent development of computer viruses began to glance at the spread of the Internet media as the basis for their program. The idea of the spread of this virus originated from the success of the Melissa virus (W97M/Melissa) micro-files that exploit the weakness that is inserted into the e-mail, because by then many e-Mail users who use e-mail client applications such as Outlook, and save the recipient's contact there Melissa spread so easily to the existing list box.

The development of this virus continues to be concentrated on the dissemination via the Internet, because apart quickly deployed, the virus can also steal data using the same media. However, unlike its predecessor, a virus that is currently not in fact have, or may deliberately not focused on destroying the system. Some viruses simply show off in the past the antivirus program.

Name the new generation of viruses carried by any part to shift. Now the virus already has a brother-in-arms called worms and trojans. Whatever the name or designation program "this tiny, main ideas aimed at disturbing the normal system running.
Continue reading...

10 most dangerous viruses of 2010

VBScript type virus attack is still very high, it is evident from the many reports that complain about these types of script viruses. One virus that shot high into the first sequence is Discusx.vbs. If you still remember with these viruses, the Virus Top-10 March 2008 edition of the past, viruses Discusx.vbs ranked 5th, but this time he sped up to the first sequence. The following list details:

1. Discusx.vbs
VBScript viruses on this one, have a size around 4800 bytes. He will try to infect the multiple drives in your computer, including flash disk drive, which if infected shall make autorun.inf file and the root drive System32.sys.vbs

2. Reva.vbs
Again, the virus types that VBScript pretty much complained of by some readers. He will try to spread itself to any drives on your computer, including the flash disk drives. On the drive there will be infected reva.vbs files, autorun.inf, and shaheedan.jpg.

3. XFly
PC Media Antivirus recognizes two variants of this virus, namely XFly.A and XFly.B. Just like most other local viruses, he created using Visual Basic. Has a body size of 143,360 bytes without being compressed. And he may be disguised as a folder, MP3 files with WinAmp or any other way directly change the existing icon resource in the body. This will make more difficult for the layman to recognize the user. On infected computers, when running Internet Explorer, its caption is changed into x-fly "..:: ::..", and when starting Windows will appear the message from the maker of the virus in the default browser. Or every time show at 12:30, 16:00, or 20:00, the virus will display a black screen that also contains messages from the virus creator.

4. Explorea
Viruses that are compiled using Visual Basic comes with the size of 167,936 bytes, without being compressed. Using the standard Windows folder icon similar to defraud victims. This virus will attack your Windows Registry to change the default open from a few extensions such as. LNK,. PIF,. BAT, and. COM. At the infected computer, while certain times occasionally show an error message, for example when opening the System Properties.

5. Gen.FFE
Gen.FFE or the author named Fast Firus Engine is one of the locally made program Virus Generator. By simply using this program, did not take long to create a virus / new variant. Viruses of the output of this program icon-like images using standard default Windows folder. He will block access to Task Manager, Command Prompt, and also eliminate some of the menu in the Start Menu. He also will read the caption of the current program, if there are strings associated with the antivirus program will soon be closed to him.

6. Empty
Viruses are also created using Visual Basic and had a folder icon has a size of about 110,592 bytes, without being compressed. There are so many changes that he has made in Windows, such as the Registry, File System, etc., which can even cause Windows can not be used as appropriate. On computers that are infected by this virus, when starting Windows will display a message from the virus creator.

7. Raider.vbs
This VBScript virus type-size 10,000 bytes, if the virus file is opened with Notepad for example, so many strings that can not be read because of the encrypted condition. In the Registry, he also gave recognition to create a new key in HKLM \ Software with same name as the name of the computer name, the contents of a string value such as a virus, Raider, and the date the first time the infected computer.

8. ForrisWaitme
Viruses are created with Visual Basic uses the standard Windows folder icon similar to disguises. Some ulahnya is exchanged with the left mouse button function right, removes the Folder Options menu, create a file the message "read saya.txt" on the drive is infected, and there are still others.

9. Pray
Local virus was created using Visual Basic. We found 2 variants of this virus, for Pray.A variant has no icon, while for variant Pray.B use like Windows Explorer icon. If the computer is infected by this virus, while at the computer clock shows 05:15 AM, 13:00, 16:00, 18:30, or 19:45 and, this virus will display a message reminding the user to perform the prayer.

10. Rian.vbs
This VBScript virus has a size of 3788 bytes. When infecting, it will create new files autorun.inf and RiaN.dll.vbs on each root drive that is installed on the victim's computer, including the Flash Disk. Computer infected by this virus, caption of Internet Explorer will change to "Rian Cantiq PR P2
Continue reading...

Senin, 19 April 2010

Virus Origins

Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus passes from computer to computer like a biological virus passes from person to person.

Unlike a cell, a virus has no way to reproduce by itself. Instead, a biological virus must inject its DNA into a cell. The viral DNA then uses the cell's existing machinery to reproduce itself. In some cases, the cell fills with new viral particles until it bursts, releasing the virus. In other cases, the new virus particles bud off the cell one at a time, and the cell remains alive.

A computer virus shares some of these traits. A computer virus must piggyback on top of some other program or document in order to launch. Once it is running, it can infect other programs or documents. Obviously, the analogy between computer and biological viruses stretches things a bit, but there are enough similarities that the name sticks.

People write computer viruses. A person has to write the code, test it to make sure it spreads properly and then release it. A person also designs the virus's attack phase, whether it's a silly message or the destruction of a hard disk. Why do they do it?

There are at least three reasons. The first is the same psychology that drives vandals and arsonists. Why would someone want to break a window on someone's car, paint signs on buildings or burn down a beautiful forest? For some people, that seems to be a thrill. If that sort of person knows computer programming, then he or she may funnel energy into the creation of destructive viruses.

The second reason has to do with the thrill of watching things blow up. Some people have a fascination with things like explosions and car wrecks. When you were growing up, there might have been a kid in your neighborhood who learned how to make gunpowder. And that kid probably built bigger and bigger bombs until he either got bored or did some serious damage to himself. Creating a virus is a little like that -- it creates a bomb inside a computer, and the more computers that get infected the more "fun" the explosion.

The third reason involves bragging rights, or the thrill of doing it. Sort of like Mount Everest -- the mountain is there, so someone is compelled to climb it. If you are a certain type of programmer who sees a security hole that could be exploited, you might simply be compelled to exploit the hole yourself before someone else beats you to it.

Of course, most virus creators seem to miss the point that they cause real damage to real people with their creations. Destroying everything on a person's hard disk is real damage. Forcing a large company to waste thousands of hours cleaning up after a virus is real damage. Even a silly message is real damage because someone has to waste time getting rid of it. For this reason, the legal system is getting much harsher in punishing the people who create viruses.

Continue reading...

Virus History

Traditional computer viruses were first widely seen in the late 1980s, and they came about because of several factors. The first factor was the spread of personal computers (PCs). Prior to the 1980s, home computers were nearly non-existent or they were toys. Real computers were rare, and they were locked away for use by "experts." During the 1980s, real computers started to spread to businesses and homes because of the popularity of the IBM PC (released in 1982) and the Apple Macintosh (released in 1984). By the late 1980s, PCs were widespread in businesses, homes and college campuses.

The second factor was the use of computer bulletin boards. People could dial up a bulletin board with a modem and download programs of all types. Games were extremely popular, and so were simple word processors, spreadsheets and other productivity software. Bulletin boards led to the precursor of the virus known as the Trojan horse. A Trojan horse is a program with a cool-sounding name and description. So you download it. When you run the program, however, it does something uncool like erasing your disk. You think you are getting a neat game, but it wipes out your system. Trojan horses only hit a small number of people because they are quickly discovered, the infected programs are removed and word of the danger spreads among users.

floppy disk in computer
Floppy disks were factors in the spread of computer viruses.

The third factor that led to the creation of viruses was the floppy disk. In the 1980s, programs were small, and you could fit the entire operating system, a few programs and some documents onto a floppy disk or two. Many computers did not have hard disks, so when you turned on your machine it would load the operating system and everything else from the floppy disk. Virus authors took advantage of this to create the first self-replicating programs.

Early viruses were pieces of code attached to a common program like a popular game or a popular word processor. A person might download an infected game from a bulletin board and run it. A virus like this is a small piece of code embedded in a larger, legitimate program. When the user runs the legitimate program, the virus loads itself into memory­ and looks around to see if it can find any other programs on the disk. If it can find one, it modifies the program to add the virus's code into the program. Then the virus launches the "real program." The user really has no way to know that the virus ever ran. Unfortunately, the virus has now reproduced itself, so two programs are infected. The next time the user launches either of those programs, they infect other programs, and the cycle continues.

If one of the infected programs is given to another person on a floppy disk, or if it is uploaded to a bulletin board, then other programs get infected. This is how the virus spreads.

The spreading part is the infection phase of the virus. Viruses wouldn't be so violently despised if all they did was replicate themselves. Most viruses also have a destructive attack phase where they do damage. Some sort of trigger will activate the attack phase, and the virus will then do something -- anything from printing a silly message on the screen to erasing all of your data. The trigger might be a specific date, the number of times the virus has been replicated or something similar.

In the next section, we will look at how viruses have evolved over the years.

Continue reading...

Virus Evolution

As virus creators became more sophisticated, they learned new tricks. One important trick was the ability to load viruses into memory so they could keep running in the background as long as the computer remained on. This gave viruses a much more effective way to replicate themselves. Another trick was the ability to infect the boot sector on floppy disks and hard disks. The boot sector is a small program that is the first part of the operating system that the computer loads. It contains a tiny program that tells the computer how to load the rest of the operating system. By putting its code in the boot sector, a virus can guarantee it is executed. It can load itself into memory immediately and run whenever the computer is on. Boot sector viruses can infect the boot sector of any floppy disk inserted in the machine, and on college campuses, where lots of people share machines, they could spread like wildfire.

In general, neither executable nor boot sector viruses are very threatening any longer. The first reason for the decline has been the huge size of today's programs. Nearly every program you buy today comes on a compact disc. Compact discs (CDs) cannot be modified, and that makes viral infection of a CD unlikely, unless the manufacturer permits a virus to be burned onto the CD during production. The programs are so big that the only easy way to move them around is to buy the CD. People certainly can't carry applications around on floppy disks like they did in the 1980s, when floppies full of programs were traded like baseball cards. Boot sector viruses have also declined because operating systems now protect the boot sector.

Infection from boot sector viruses and executable viruses is still possible. Even so, it is a lot harder, and these viruses don't spread nearly as quickly as they once did. Call it "shrinking habitat," if you want to use a biological analogy. The environment of floppy disks, small programs and weak operating systems made these viruses possible in the 1980s, but that environmental niche has been largely eliminated by huge executables, unchangeable CDs and better operating system safeguards.

E-mail viruses are probably the most familiar to you. We'll look at some in the next section.

Continue reading...

E-mail Viruses

Virus authors adapted to the changing computing environment by creating the e-mail virus. For example, the Melissa virus in March 1999 was spectacular. Melissa spread in Microsoft Word documents sent via e-mail, and it worked like this:

Someone created the virus as a Word document and uploaded it to an Internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person's address book. The e-mail message contained a friendly note that included the person's name, so the recipient would open the document, thinking it was harmless. The virus would then create 50 new messages from the recipient's machine. At that rate, the Melissa virus quickly became the fastest-spreading virus anyone had seen at the time. As mentioned earlier, it forced a number of large companies to shut down their e-mail systems.

The ILOVEYOU virus, which appeared on May 4, 2000, was even simpler. It contained a piece of code as an attachment. People who double-clicked on the attachment launched the code. It then sent copies of itself to everyone in the victim's address book and started corrupting files on the victim's machine. This is as simple as a virus can get. It is really more of a Trojan horse distributed by e-mail than it is a virus.

The Melissa virus took advantage of the programming language built into Microsoft Word called VBA, or Visual Basic for Applications. It is a complete programming language and it can be programmed to do things like modify files and send e-mail messages. It also has a useful but dangerous auto-execute feature. A programmer can insert a program into a document that runs instantly whenever the document is opened. This is how the Melissa virus was programmed. Anyone who opened a document infected with Melissa would immediately activate the virus. It would send the 50 e-mails, and then infect a central file called NORMAL.DOT so that any file saved later would also contain the virus. It created a huge mess.

Microsoft applications have a feature called Macro Virus Protection built into them to prevent this sort of virus. With Macro Virus Protection turned on (the default option is ON), the auto-execute feature is disabled. So when a document tries to auto-execute viral code, a dialog pops up warning the user. Unfortunately, many people don't know what macros or macro viruses are, and when they see the dialog they ignore it, so the virus runs anyway. Many other people turn off the protection mechanism. So the Melissa virus spread despite the safeguards in place to prevent it.

In the case of the ILOVEYOU virus, the whole thing was human-powered. If a person double-clicked on the program that came as an attachment, then the program ran and did its thing. What fueled this virus was the human willingness to double-click on the executable.

Now that we've covered e-mail viruses, let's take a look at worms.


Continue reading...

Worms

A worm is a computer program that has the ability to copy itself from machine to machine. Worms use up computer time and network bandwidth when they replicate, and often carry payloads that do considerable damage. A worm called Code Red made huge headlines in 2001. Experts predicted that this worm could clog the Internet so effectively that things would completely grind to a halt.

A worm usually exploits some sort of security hole in a piece of software or the operating system. For example, the Slammer worm (which caused mayhem in January 2003) exploited a hole in Microsoft's SQL server. "Wired" magazine took a fascinating look inside Slammer's tiny (376 byte) program.

Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly. The Code Red worm replicated itself more than 250,000 times in approximately nine hours on July 19, 2001 [Source: Rhodes].

The Code Red worm slowed down Internet traffic when it began to replicate itself, but not nearly as badly as predicted. Each copy of the worm scanned the Internet for Windows NT or Windows 2000 servers that did not have the Microsoft security patch installed. Each time it found an unsecured server, the worm copied itself to that server. The new copy then scanned for other servers to infect. Depending on the number of unsecured servers, a worm could conceivably create hundreds of thousands of copies.

The Code Red worm had instructions to do three things:

  • Replicate itself for the first 20 days of each month
  • Replace Web pages on infected servers with a page featuring the message "Hacked by Chinese"
  • Launch a concerted attack on the White House Web site in an attempt to overwhelm it [Source: eEye Digital Security]

Upon successful infection, Code Red would wait for the appointed hour and connect to the www.whitehouse.govport 80 of www.whitehouse.gov (198.137.240.91). domain. This attack would consist of the infected systems simultaneously sending 100 connections to

The U.S. government changed the IP address of www.whitehouse.gov to circumvent that particular threat from the worm and issued a general warning about the worm, advising users of Windows NT or Windows 2000 Web servers to make sure they installed the security patch. .

A worm called Storm, which showed up in 2007, immediately started making a name for itself. Storm uses social engineering techniques to trick users into loading the worm on their computers. So far, it's working -- experts believe between one million and 50 million computers have been infected [source: Schneier].

When the worm is launched, it opens a back door into the computer, adds the infected machine to a botnet and installs code that hides itself. The botnets are small peer-to-peer groups rather than a larger, more easily identified network. Experts think the people controlling Storm rent out their micro-botnets to deliver spam or adware, or for denial-of-service attacks on Web sites.

In the next section, we'll look at patching your system and other things you can do to protect your computer

Continue reading...

How to Protect Your Computer from Viruses

You can protect yourself against viruses with a few simple steps:

  • If you are truly worried about traditional (as opposed to e-mail) viruses, you should be running a more secure operating system like UNIX. You never hear about viruses on these operating systems because the security features keep viruses (and unwanted human visitors) away from your hard disk.
  • If you are using an unsecured operating system, then buying virus protection software is a nice safeguard.
  • If you simply avoid programs from unknown sources (like the Internet), and instead stick with commercial software purchased on CDs, you eliminate almost all of the risk from traditional viruses.
  • You should make sure that Macro Virus Protection is enabled in all Microsoft applications, and you should NEVER run macros in a document unless you know what they do. There is seldom a good reason to add macros to a document, so avoiding all macros is a great policy.
  • You should never double-click on an e-mail attachment that contains an executable. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). However, some viruses can now come in through .JPG graphic file attachments. A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Once you run it, you have given it permission to do anything on your machine. The only defense is never to run executables that arrive via e-mail.
Macro Virus  Protection in Microsoft Word
Open the Options dialog from the Tools menu in
Microsoft Word and make sure that Macro Virus Protection is enabled. Newer versions of Word allow you to customize
the level of macro protection you use.

By following these simple steps, you can remain virus-free.

For more information on computer viruses and related topics, see the links on the next page.

Continue reading...
 

Patron Computers And Mobile Phones From Viruses Copyright © 2009 Not Magazine 4 Column is Designed by Ipietoon Sponsored by Dezigntuts